GHSA-p6j4-wvmc-vx2h: Duplicate Advisory: OpenClaw: Tlon cite expansion happens before channel and DM authorization is complete
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-vfg3-pqpq-93m4. This link is maintained to preserve external references.
Original Description
OpenClaw before 2026.3.22 performs cite expansion before completing channel and DM authorization checks, allowing cite work and content handling prior to final auth decisions. Attackers can exploit this timing vulnerability to access or manipulate content before proper authorization validation occurs.
References
- github.com/advisories/GHSA-p6j4-wvmc-vx2h
- github.com/openclaw/openclaw/commit/3cbf932413e41d1836cb91aed1541a28a3122f93
- github.com/openclaw/openclaw/commit/630f1479c44f78484dfa21bb407cbe6f171dac87
- github.com/openclaw/openclaw/commit/ebee4e2210e1f282a982c7ef2ad79d77a572fc87
- github.com/openclaw/openclaw/security/advisories/GHSA-vfg3-pqpq-93m4
- nvd.nist.gov/vuln/detail/CVE-2026-35637
- www.vulncheck.com/advisories/openclaw-premature-cite-expansion-before-authorization-in-channel-and-dm
Code Behaviors & Features
Detect and mitigate GHSA-p6j4-wvmc-vx2h with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →